Adding threat intelligence to the security mix | #eBizInsights

Today’s threat landscape is so complex and fast-paced, it is impossible to prevent every threat or attack. The criminal organisations behind cybercrime are well-funded, and have the technical skills to stay ahead of mitigation tools and techniques. They target technologies and the human weakness to find their way in to corporate networks.

Simon Campbell-Young, MD of Credence Security, says this is compounded by the fact that companies rely heavily on technology and connectivity, putting their data and systems at risk. “And these risks are not just about money – over and above financial losses, there is catastrophic damage to reputation to consider, as well as steep regulatory fines which can see a business close its doors, permanently.”

He says one thing is certain, and that is that no organisation, either in the public or private sector, can hope to match the resources of today’s cyber criminals. “No sooner has a business got a handle on one type of threat, another raises its ugly head. Cyber criminals are constantly changing their tactics, widening the attack surface, and developing new tools and techniques to bypass even the most sophisticated security solutions.”

This is where threat intelligence comes in. He says Gartner describes threat intelligence as: “Evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice, about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject’s response to that menace or hazard.”

Campbell-Young says threat intelligence can have a significant impact on a company’s ability to anticipate security incidents before they happen, which in turn, enables them to react more quickly to mitigate any potential damage, as well as put defence tools in place before the attack, and proactively fight a breach when it occurs.”

Having insight into who might be behind the attack will enable an organisation to act decisively and appropriately, knowing how to handle a specific advanced persistent threat (APT), as they will already know how it works, and can block the avenues it uses to infiltrate the network. “For example, a certain cyber criminal group will be known to target specific types of information or systems, and a business can allocate defence resources accordingly.”

Businesses today simply must find a way to add threat intelligence into their security strategies, and integrate it into every aspect of security operations. Threat intelligence will provide the necessary information that could indicate the business is in danger of a breach. “It looks for specific indicators, and known cyber criminal activity, offering situational awareness and a deep understanding of the threat landscape. It gives insight into who might see your business as an attractive target, and what they might be after.”

However, it goes beyond simply gathering this type of information, he adds. “Threat intelligence must be fully integrated, and tailored to offer actionable, accurate, relevant and timely reporting on any potential dangers. It isn’t a silver bullet by any means – it’s about the best guess. By understanding the past, it can help to predict the future, and highlight any probably targets for hackers. Essentially, it’s keeping an outward eye on the global threat landscape, to help a business prepare the strongest defences possible.”

According to Campbell-Young, threat intelligence is about predicting what is likely to happen, based on several different factors, which gives the security team the ability to be proactive in defence and on the look-out. “Adding threat intelligence into the security mix guarantees that all possible bases are covered, and the organisation is in the best place to not only prevent breaches, but identify a breach that is taking place in enough time to mitigate and manage the situation, so that no valuable data is compromised, and with it, the organisation’s reputation.”

About Credence Security

Established in 1999, Credence Security, previously ARM, the region’s speciality distribution company, specialises in IT security, Forensics and Incident Response. Working closely with leading IT security vendors including AccessData, Fidelis CyberSecurity, eSentire and Digital Guardian, Credence Security delivers Cyber and IT Security technologies and solutions that protect

organisations against advanced persistent threats, malicious adversaries and internal malpractice. A subsidiary of the UC Group, Credence Security Is headquartered in Dubai, UAE and serves enterprises across the Middle East, Africa and India through a network of over 70 resellers throughout the territory.

About eBizRadio

eBizRadio is a live multi- platformed social media service providing an online forum to the business community for holding conversations on the key issues related to specific businesses as well as availing a space for cross-business collaboration in response to key issues affecting the world of business.
The place to go if you want to know about business and lifestyle